Depending on your security requirements and preferences, you can sign in to the Alibaba Cloud Management Console as a RAM user with a username and password or a passkey.
Sign-in entry points
RAM provides multiple sign-in entry points.
General entry point: Go directly to the RAM User Sign-in page, or go to the Alibaba Cloud account sign-in page and click RAM User Sign-in.
Account-specific logon URL (Recommended): If you know your enterprise's default logon suffix (for example,
@company-alias.onaliyun.com), you can use a dedicated URL to go directly to your enterprise's sign-in page. This saves you from entering the suffix manually. For more information about how to view or change the default logon suffix, see Manage logon suffixes for RAM users.URL format:
https://signin.alibabacloud.com/<Your-Default-Logon-Suffix>/login.htmSign in to the RAM console by using your Alibaba Cloud account. On the Overview page, you can find the RAM user sign-in URL to share with other users.
RAM user-specific logon URL (Recommended): You can specify
username=in the logon URL to pre-fill the username. Then, click Next and enter your password.@<Your-Default-Logon-Suffix> URL format:
https://signin.alibabacloud.com/login.htm?username=@<Your-Default-Logon-Suffix>
Sign in with a username and password
The following procedure uses the general RAM user sign-in entry point as an example.
Go to the RAM User Sign-in page.
On the RAM User Sign-in page, enter your username and click Next. The username must be in the format
<RAM-Username>@<default-logon-suffix>or<RAM-Username>@<domain-alias>. For more information about how to view or change the default logon suffix and domain alias, see Manage logon suffixes for RAM users.
Enter the password for the RAM user and click Sign In.
NoteIf the system detects that your password is weak when you sign in, you are redirected to a page to reset your password after you sign in. We recommend creating a stronger password. You can skip this step without affecting the current sign-in session. For more information, see the announcement.
(Optional) If you have multi-factor authentication (MFA) enabled, you must also complete MFA verification. For more information, see Multi-factor authentication (MFA) and Bind an MFA device as a RAM user.
Sign in with a passkey
A passkey provides secure, passwordless authentication. It first verifies the device binding and then uses the device's built-in authenticator, such as biometrics (fingerprint or face recognition) or a local PIN, to verify your identity.
Prerequisites
Administrator setup: A RAM administrator must allow RAM users to sign in with a passkey in the global security settings. This option is enabled by default for Alibaba Cloud accounts. To change this setting, perform the following steps:
Sign in to the RAM console using an Alibaba Cloud account or as a RAM user that has the
AliyunRAMFullAccesspolicy attached.On the Settings page, in the Global Security section, click Modify.
In the Global Security dialog box, enable Allow Users to Sign In with Passkey.
User setup: You must have registered a passkey, such as Touch ID or Windows Hello, in your personal security settings. For more information, see Manage passkeys for a RAM user.
Procedure
Go to the RAM User Sign-in page.
On the RAM User Sign-in page, enter your username and click Next. The username must be in the format
<RAM-Username>@<default-logon-suffix>or<RAM-Username>@<domain-alias>. For more information about how to view or change the default logon suffix and domain alias, see Manage logon suffixes for RAM users.Click Sign In with Passkey. If passkey sign-in fails, you can click Sign In with Password to use your password instead.
Your browser displays a security verification prompt. If you have multiple passkeys registered, you must select the device to use.
After completing the passkey verification, you are signed in.
FAQ
Forgotten password
Contact your RAM administrator to reset the password. For security reasons, RAM users cannot reset their own passwords. For more information, see Reset the password of a RAM user.